Pre-announcement of a BIND security issue scheduled for disclosure 17 February 2021

Michael McNally mcnally at isc.org
Thu Feb 11 21:56:57 UTC 2021


Hello --

In May of last year we began experimenting with a new policy of
pre-notification concerning upcoming security releases, based on
efforts we had seen from other open-source projects.

All of the feedback we received regarding this policy has been positive
and supportive and consequently we have elected to continue the
practice.

We are therefore writing to inform you that the February 2021
BIND maintenance releases that will be released on Wednesday,
17 February, will contain a patch for a security vulnerability.

Further details about that vulnerability will be publicly disclosed
at the time the releases are published.  It is our hope that this
pre-announcement will aid BIND operators in preparing for that
disclosure when it occurs.

Michael McNally
ISC Security Officer

P.S.:  if you have feedback or questions concerning this policy,
kindly direct them to security-officer at isc.org


More information about the bind-announce mailing list